Azure 应用服务部署槽 - 应用网关

Question

Working on a project where we are starting to use Deployment Slots in our App Services.

All our Prod apps are located behind Application Gateway, and we would like to also have our Slots located behind Application Gateway.

I understand we can not do this using "App Services" as target type in the Backend Pools as of now, but wondered if it is doable using "IP Address or FQDN" as target type.

I have tried to set it up, with various changes in the "HTTP Settings", Probe and so, but haven´t gotten it up spinning.

Can anyone confirm if this is possible, and have any tips on how this should be configured?

Thanks!

Answer 1

I was able to get this working on one of my slots.

Basically setup the listener with your necessary protocol, port cert, hostname, etc... I'm using multi-site listeners so I can have multiple URLs for the one AppGW/Public IP.

The rule points to the listenter, backend pool and appropriate http setting.

The HTTP setting should be configured to connect to your app service URL accordingly. I'm using the azurewebsite.net URL, so I use well known CA cert & override hostname from backend target:

The backend pool then points to the azurewebsites.net URL:

Make sure that GET / works on your app service and returns 200 - 399 HTTP status codes. Anything outside that range is a failure and the backend pool will be removed. If you need to create a custom health probe to a URL that will respond properly, or adjust the acceptable HTTP status code (if 401 or 403 due to required auth, then just override it with that for testing purposes for now).

I'm trying to do it again with a second slot and running into 502 errors from the App Gateway... However, I'm also waiting on DNS changes from my network team. My first one with my company domain works via hosts file edit, but the 2nd slot (which has 2 different URLs/listeners configured in the AppGW) doesn't want to work the same way for some reason.